CVE-2026-2328Improper Filtering of Special Elements in Device Sphere

CWE-790Improper Filtering of Special Elements3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.0%
top 90.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Wago Device SphereWago Solution Builder
Timeline
PublishedMar 30

Description

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5wago/device_sphere0.0.01.2.2
CVEListV5wago/solution_builder0.0.02.4.2

🔴Vulnerability Details

2
GHSA
GHSA-hfg6-72xh-m6qg: An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path travers2026-03-30
CVEList
Backend Access Due to Insufficient Input Validation2026-03-30
CVE-2026-2328 — Improper Filtering of Special Elements | cvebase